diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-01-13 22:52:44 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-01-13 22:52:44 +0100 |
commit | 24b35d0b8950407ce85eefef18576d54f1e2c20e (patch) | |
tree | 8ecba4e1c02fb03cfab8ae0f37ab60b7455c137f /lib/session.c | |
parent | dd71826fcfcfcc8c36f0508cc183dd222da40452 (diff) |
Exceptions support added to hash:*net* types
The "nomatch" keyword and option is added to the hash:*net* types,
by which one can add exception entries to sets. Example:
ipset create test hash:net
ipset add test 192.168.0/24
ipset add test 192.168.0/30 nomatch
In this case the IP addresses from 192.168.0/24 except 192.168.0/30
match the elements of the set.
Diffstat (limited to 'lib/session.c')
-rw-r--r-- | lib/session.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/lib/session.c b/lib/session.c index 472b974..2ff463e 100644 --- a/lib/session.c +++ b/lib/session.c @@ -550,6 +550,8 @@ attr2data(struct ipset_session *session, struct nlattr *nla[], struct ipset_data *data = session->data; const struct ipset_attr_policy *attr; const void *d; + uint32_t v32; + uint16_t v16; int ret; attr = &attrs[type]; @@ -560,7 +562,7 @@ attr2data(struct ipset_session *session, struct nlattr *nla[], struct nlattr *ipattr[IPSET_ATTR_IPADDR_MAX+1] = {}; uint8_t family = ipset_data_family(data); int atype; - D("attr type %u", type); + D("IP attr type %u", type); if (mnl_attr_parse_nested(nla[type], ipaddr_attr_cb, ipattr) < 0) FAILURE("Broken kernel message, cannot validate " @@ -595,21 +597,16 @@ attr2data(struct ipset_session *session, struct nlattr *nla[], } d = mnl_attr_get_payload(ipattr[atype]); } else if (nla[type]->nla_type & NLA_F_NET_BYTEORDER) { + D("netorder attr type %u", type); switch (attr->type) { case MNL_TYPE_U32: { - uint32_t value; - - value = ntohl(*(const uint32_t *)d); - - d = &value; + v32 = ntohl(*(const uint32_t *)d); + d = &v32; break; } case MNL_TYPE_U16: { - uint16_t value; - - value = ntohs(*(const uint16_t *)d); - - d = &value; + v16 = ntohs(*(const uint16_t *)d); + d = &v16; break; } default: @@ -617,6 +614,8 @@ attr2data(struct ipset_session *session, struct nlattr *nla[], } } #ifdef IPSET_DEBUG + else + D("hostorder attr type %u", type); if (type == IPSET_ATTR_TYPENAME) D("nla typename %s", (const char *) d); #endif |